www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Advanced Cyber-Security:Universal solution for Grid IoT IntegrationSimon Rodriguez, Vice-President Business Development, SUBNET Solutions Inc
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Universal solution for Grid IoT Integration• Universal Solution Background
– Historical Vendor Specific Issues and Complexity
– Evolving List of Capabilities needed in a Universal Solution
– Risk of Smart Grid Integration Project Silos
• Benefits of Universal Solution Benefits (2X to 5X+ ROI)
– Enable Vendor Choice, Avoid Vendor Lock In
– Focus on integrating your systems not trying to multiple Integrate Systems
– Have an Integration Standard for all your Smart Grid projects
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
SYSTEMIntelligence
Objectives for Universal Grid IoT Integration Solution
SubSTATIONIntelligence
All Your Primary Equipment and Device Vendors All Your Top Tier OT and IT Management Systems
All Your Various Data Communication Options
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
SYSTEMIntelligence
Objectives for Universal Grid IoT Integration Solution
SubSTATIONIntelligence
Universal
Grid IoT
Integration
Solution
Need A Multi-Vendor, Multi-Function Integration Solution
All Your Primary Equipment and Device Vendors All Your Top Tier OT and IT Management Systems
All Your Various Data Communication Options
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
SYSTEMIntelligence
Multi-Function Integration vs Multiple Single Function
SubSTATIONIntelligence
Multi-Function Integration
1. SCADA Data Collection2. Non-SCADA Data Collection3. Secure Remote Access 4. Password Management5. Configuration Management6. Firmware Management
Need A Multi-Vendor, Multi-Function Integration Solution
All Your Primary Equipment and Device Vendors All Your Top Tier OT and IT Management Systems
All Your Various Data Communication Options
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Unified Device Integration and Security
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Grid IoT Represents that Latest Wave of Connected Grid Solutions
FLISR IVVC Equip Mon InvertersLine Monitors
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Thousands of IoT Devices being Deployed: Benefits
- Many New Smart Grid Devices
- New Vendors entering the Market
- New Innovative Product Offerings
- Many New Smart Grid Applications
- The Connected Grid offers many Benefits
- Large Investor-Owned Utilities (IOUs) with Budgets of 100Ms, 1B+ Grid Modernization Budgets
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
IntelligentEnd Point IEDs
Business IntelligenceSystems
Networking CommunicationsEquipment
Can OT Devices Keep Pace with IT Technology(Evolving Security and Integration)
Life Span
5years
Life Span
10 - 20 years
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Partial List ofVendor Specific
Protocols
ABB Spa Bus
ABB RP-570
ABB RP-571
ABB Indactic 33/1
ABB Indactic 33/41
ABB Indactic 33/41 Ext.
ACS 3100
AEP Synchronous
AEP Asynchronous
ASEA ADLP 80
ASEA ADLP 180
ASW LS RTU1
Amtrak SDLC
Avista Inp 1000
Bailey MPC
Boeing SDLC
CAE Micro RTU1
CAE HDLC
CDC Type 1
CDC Type 1-12 bit adrs
CDC Type 1 ASCII
CDC Type 2
CDC Type 2 synchronous
CDC Type 2 extended
CDT Types 1, 2, 3, 4, 5
Cegelec HN Z 66 S 11/15
Compumech CD-4150
Conitel 300
Conitel 2000
Conitel 2020
Conitel 2025
Conitel 2100B
Conitel 2100H
Conitel 2100M
Conitel 3000
DYNAC DYNET
Ferranti Van Comm
Fuji
Getac/ 7020/4-BCH
Getac/Betac 7020-LP
Getac/Betac SDLC
Harris 5000/6000
Harris Micro 2
Harris Micro 3
Honeywell 7000
Modbus ASCII
Modbus RTU
Modbus TCP
Moore 9000
Newfoundland
OPC-XML DA
PG&E 2179
Pert 26/31
QEI/Quindar QPLH1
QEI/Quindar Quics II
QEI/Quindar Quics IV1
Quantum DNP 1/QDIF
RainWise Serial
Recon 1.1
Redac 70D
Redac 70H
Redsad
Rockwell 5010
Rockwell 5011 (standard)
Rockwell 5011 (PSI)
Rockwell 5012
Rockwell 5020
SCADA Consultants
Scadapac 1
Scadapac 5
SCA 2500
SCI RDACS1
SEL Fast Meter
SEL Fast Message
SEL Interleiaved
SES 92
SES 92 (GRE)
SES 92 IP (GRE)
Siemens Sinaut 8-FW/DPDM
Southern Services
Southwestern PS Co. SPS
Systems Control 5
Systems Control 5.2
SC1801 5.4.1
SC1802 5.5
SC1803 6
Systems Northwest 11.1
Systems Northwest 111
Systems Northwest Distribution
Toshiba
Telegyr BOA
Telegyr BOA Byte
Telegyr MPS9000 Async
Telegyr MPS9000 Sync
Telegyr Telegyr 800
Telegyr Telegyr 8979
TLC 11M
TRW 850
TRW 9550
TRW System 9
Valmet (Tejas) Series 3
Valmet (Tejas) Series 5
Valmet (Tejas) Series 5 extended
Westinghouse Wisp+
Westinghouse Wisp+
Weston Recon 1
1st Connected Grid Wave SCADA – 1970+
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
STATION
Intelligence
SYSTEM
Intelligence
Protocol C
Any Protocol
Universal SCADA Data Management Solution =
Replace Vendor Specific RTU with Specifically Multi-Vendor RTU/ Gateway
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Multi-Vendor IED Support Matrix
Vendor ProtocolMatrix
Event FileCollection
Mgmt
IEDAccessMgmt
PasswordChangeMgmt
IED ConfigChangeMgmt
FirmwareChangeMgmt
1 Siemens L&G 8979, Spa-Bus ? ? ? ? ?
2 ABB RP-570, 571.. ? ? ? ? ?
3 SEL SEL FM, SEL ASCII.. ? ? ? ? ?
4 GE Harris 5000, 6000 ? ? ? ? ?
5 Alstom Proprietary ? ? ? ? ?
6 Schneider Tejas III, V, … ? ? ? ? ?
7+ etc More…. ? ? ? ? ?
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Defining Interoperability
Past Three DecadesOperational SCADA Data Collection
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
STATION
Intelligence
SYSTEM
Intelligence
Protocol C
Any Protocol
Total SCADA Data Management Solution =
Requires a Multi-Vendor SCADA Protocol Solution
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
STATION
Intelligence
SYSTEM
Intelligence
Event File C
Total Device Event File Management
Requires a Multi-Vendor Event File Solution
Centralized Event Files
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
STATION
Intelligence
SYSTEM
Intelligence
Login PW C
Total IED Access Control
Requires a Multi-Vendor
IED Access Control Solution
Centralized Access Control
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
STATION
Intelligence
SYSTEM
Intelligence
PW Change C
Total Password Management
Requires a Multi-Vendor
Password Management Solution
Centralized Password Management
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
STATION
Intelligence
SYSTEM
Intelligence
Config C
Total Device Configuration Management Solution =
Specifically Multi-Vendor Configuration Management
Centralized Config Management
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Beyond SCADA Integration. Today we need to deal with the complexity of…
• Fault File Management
• Remote Engineering Access (CIP-005, CIP-007)
• Password Change Management (CIP-005, CIP-007)
• Configuration Management (CIP-010, PRC-005)
• IED Documentation Management is even complicated
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Defining Interoperability
TodayOperational
Firmware Management
Configuration File Management
Password Change Management
Secure Remote Access Management
Non SCADA Data Collection
SCADA Data Collection
& Maintenance
+
Device
Management
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Multi-Vendor IED Support Matrix
Vendor ProtocolMatrix
Event FileCollection
Mgmt
IEDAccessMgmt
PasswordChangeMgmt
IED ConfigChangeMgmt
FirmwareChangeMgmt
1 Siemens L&G 8979, Spa-Bus ? ? ? ? ?
2 ABB RP-570, 571.. ? ? ? ? ?
3 SEL SEL FM, SEL ASCII.. ? ? ? ? ?
4 GE Harris 5000, 6000 ? ? ? ? ?
5 Alstom Proprietary ? ? ? ? ?
6 Schneider Tejas III, V, … ? ? ? ? ?
7+ etc More…. ? ? ? ? ?
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Multi-Vendor IED Support MatrixNeed IED Access, Password, Config & Firmware Management
Vendor ProtocolMatrix
Event FileCollection
Mgmt
IEDAccessMgmt
PasswordChangeMgmt
IED ConfigChangeMgmt
FirmwareChangeMgmt
1 Siemens L&G 8979, Spa-Bus ? ? ? ? ?
2 ABB RP-570, 571.. ? ? ? ? ?
3 SEL SEL FM, SEL ASCII.. ? ? ? ? ?
4 GE Harris 5000, 6000 ? ? ? ? ?
5 Alstom Proprietary ? ? ? ? ?
6 Schneider Tejas III, V, … ? ? ? ? ?
7+ etc More…. ? ? ? ? ?
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
One SUBNET Utility Customers’ IED Support Matrix
89 DifferentIEDs
17+ Use Cases Defined To Date
Advanced/ Automated Functions
Login Logout Passwords Configurations Firmware Events SOE Logs Discover
Au
tom
ated
logi
n
Au
tom
ated
logo
ut
Ch
ange
Dev
ice
Pas
swo
rd in
ga
tew
ay
Ch
ange
Pas
swo
rd
Bac
kup
co
nfi
g
Res
tore
Co
nfi
g
Get
Co
nfi
g su
mm
ary
Ret
riev
e fi
rmw
are
vers
ion
Co
mp
are
firm
war
e
Up
dat
e fi
rmw
are
Ret
riev
e n
ew e
ven
t fi
les
Ret
riev
e SO
E fi
les
Ret
riev
e d
evic
e lo
gs
Dis
cove
r C
on
nec
ted
d
evic
es
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Evolving SUBNET’s Unified Grid Intelligence is a continual process. Always new devices, Always new use cases…
NewIEDsevery month
New Use Cases every year…..
Advanced/ Automated Functions
Login Logout Passwords Configurations Firmware Events SOE Logs Discover
Au
tom
ated
logi
n
Au
tom
ated
logo
ut
Ch
ange
Dev
ice
Pas
swo
rd in
ga
tew
ay
Ch
ange
Pas
swo
rd
Bac
kup
co
nfi
g
Res
tore
Co
nfi
g
Get
Co
nfi
g su
mm
ary
Ret
riev
e fi
rmw
are
vers
ion
Co
mp
are
firm
war
e
Up
dat
e fi
rmw
are
Ret
riev
e n
ew e
ven
t fi
les
Ret
riev
e SO
E fi
les
Ret
riev
e d
evic
e lo
gs
Dis
cove
r C
on
nec
ted
d
evic
es
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Multi-Function Integration
Need Multi-Function - Integrated Integration
Remote Engineering Access
Configuration
& Firmware
Management
Password Change Management
Non SCADA Data
Collection
Interleaving of Operational and Non -Operational Device Access
Access to a device requires knowledge of the device password.
Many devices require the application to already be synchronized with the device s configuration before access .
Extracting a configuration from a device requires remote access.
Access to a device requires knowledge of the device password.
Password changes may need to be synchronized with password stored in the configuration .
Password changes requires remote access
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
SUBNET Grid IoT Solutions
FLISR, VVO, CFI, Distribution XFMR Monitoring, DERMs, etc
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Utility Standard Typically
SYSTEMIntelligence
Your UtilitiesBI SystemStandards
Your UtilitiesOT SystemStandards
Your UtilitiesComm System
Standards
Your UtilitiesIED Edge Integration
Standard????
Does this exist??
Or is this done in a- Project Specific
- Vendor Specific way>
ADMS
OSIsoft PI or eDNA
SCADA Vendor
SAP, Maximo?
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Typical Result: Implemented ManyProject Specific, Vendor Specific Systems
SYSTEMIntelligence
ADMS
OSIsoft PI or eDNA
SCADA Vendor
SAP, Maximo?
FlISR IEDSVendor 1
FLISR DATA Collection
FLISR DataHistorian
FLISR BIIntegration
FLISR Device Mgmt
VVO IEDSVendor 2
VVO DATA Collection
VVO DataHistorian
VVO BIIntegration
VVO Device Mgmt
CFI IEDSVendor 3
CFI DATA Collection
CFI DataHistorian
CFI BIIntegration
CFI Device Mgmt
Smart InvVendor 4
S Inv DATA Collection
S Inv DataHistorian
S Inv BIIntegration
S Inv Device Mgmt
XFMR MonVendor 5
XFMR DATA Collection
XFMR Data
HistorianXFMR BI
IntegrationXFMR Device
Mgmt
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
FLISR DATA Collection
FLISR DataHistorian
FLISR BIIntegration
FLISR Device Mgmt
VVO DATA Collection
VVO DataHistorian
VVO BIIntegration
VVO Device Mgmt
CFI DATA Collection
CFI DataHistorian
CFI BIIntegration
CFI Device Mgmt
S Inv DATA Collection
S Inv DataHistorian
S Inv BIIntegration
S Inv Device Mgmt
XFMR DATA Collection
XFMR Data
HistorianXFMR BI
IntegrationXFMR Device
Mgmt
Extend Your Utilities Integration Standard Closer to the Edge
Your UtilitiesBI SystemStandards
Your UtilitiesOT SystemStandards
Your UtilitiesComm System
Standards
Your UtilitiesIED Edge Integration
Standard??
ADMS
OSIsoft PI or eDNA
SCADA Vendor
SAP, Maximo?
FlISR IEDSVendor 1
VVO IEDSVendor 2
CFI IEDSVendor 3
Smart InvVendor 4
XFMR MonVendor 5
FlISR IEDSVendor 2
VVO IEDSVendor 2
CFI IEDSVendor 2
Smart InvVendor 2
XFMR MonVendor 2
FlISR IEDSVendor 3
VVO IEDSVendor 3
CFI IEDSVendor 3
Smart InvVendor 3
XFMR MonVendor 3
Integrated Integration• ANY IED SCADA DATA Collection• ANY IED Historian Data Collection• Any IED Integration with BI• ANY IED Device Management
• IED Access Control• PW Mgmt• Config Mgmt• Firmware Mgmt
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Universal Grid IoT Integration Case Study
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Canadian Provincial Utility Universal Grid IoT Device Management
• Generation– 41 Dam sites,
– 30 Hydro Facilities
– 9 Thermal units
• Transmission– ~18,000 km of lines
– ~260 substations
• Distribution– ~56,000 km of distribution lines
– ~1.8 million customers
– Service Area: 944,735 km2 (364,764 sq mi)
Deploying 7000 Grid IoT devices
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Thousands of Grid IoT Devices being Deployed
FLISR
IVVC
XFMR Mon
Inverters
CFI
• 7000 Devices Being Deployed• Was doing Traditional ADMS Data Collection• Needed Multi-Vendor Device Management (Avoid Truck Rolls)• Needed Cyber Security (Password Management)
SYSTEMIntelligence
Asset MS
Historian
ADMS
Eng Access
Dev Mgmt
Fault Data
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Expand IoT FEP for Engineering Access / Device Mgmt
FLISR
IVVC
XFMR Mon
Inverters
CFI
1. Adds Secure Remote Access2. Adds Password Management3. Adds Configuration and Firmware Management4. Specialized Technology able to manage Essentially Any Device
Asset MS
Historian
Eng Access
Dev Mgmt
Fault Data
SYSTEMIntelligence
ADMS
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
The FLISR Dollars: Vendor Specific
SYSTEMIntelligence
Automated Recloser SW /w IEDImplement Vendor Specific
Device Management System
$40K/switch Qty = 1000 = $40,000,000
FlISR IEDSVendor 1
FlISR IEDSADMS Data
FlISR IEDSHistorian Data
FlISR IEDSAsset Mgmt
FlISR IEDSDevice Mgmt
$45K/switch? Qty = 1000 = $45,000,000
Phase 2: Install another 1000 units
Phase 1: Install 1000 units
ADMS
Asset MS
Historian
Eng Access
Dev Mgmt
Fault Data
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
The FLISR Dollars: Specifically Multi-Vendor
SYSTEMIntelligence
Automated Recloser SW /w IEDImplement Multi Vendor
Device Management System
$40K/switch Qty = 1000 = $40,000,000
FlISR IEDSVendor 1
FlISR IEDSADMS Data
FlISR IEDSHistorian Data
FlISR IEDSAsset Mgmt
FlISR IEDSDevice Mgmt
Phase 2: Install another 1000 units
$25K/switch? Qty = 1000 = $25,000,000
Phase 1: Install 1000 units
ADMS
$35K/switch? Qty = 1000 = $35,000,000
Potential of up to $15M in Savings (over 35%)
New Lower Cost Competitor Option
Asset MS
Historian
Eng Access
Dev Mgmt
Fault Data
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Total Universal Grid IoT Solution BothUniversal Data Collection AND Device Management
FLISR
IVVC
XFMR Mon
Inverters
CFISYSTEM
Intelligence
ADMS
Asset MS
Historian
Eng Access
Dev Mgmt
Fault Data
Extend your Utilities’ integration solution to enable standardized integration and Security to any Device
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
SUBNET Grid IoT Security and Integration Key Benefits
• Benefits of Universal Solution Benefits Extend Life of Current Install Base
• Multi-Vendor Competition Savings (2X to 5X+ ROI)
– Make Primary and Edge Device Vendor Compete with Multi-Vendor Integration
– Enable Vendor Choice, Avoid Vendor Lock In
• Ensure Maintenance of Grid IoT Infrastructure is cost effective
– Device OT and IT Data Collection Grid IoT Devices
– Centralized Device Management of Grid IoT Devices
– Focus on integrating your systems not trying to multiple Integrate Systems
• Have a Security and Integration Standard for all your Smart Grid projects
www.SUBNET.com © Copyright 2018 SUBNET Solutions Inc.
Q&A Session / Contact Details
Simon RodriguezVice President, Business DevelopmentMobile: +1 480 242-7840Email: [email protected]